<?php
	require '../../include/library.inc.php';
	require '../../include/admin_login.inc.php';
	require '../../include/paging.inc.php';
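	/*
	 * Admin page: edit a user's e-mail address, full name and (optionally) password.
	 *
	 * escape(), checkEmail(), query(), redirect(), head_admin() and foot_admin() are not
	 * defined in this file (presumably provided by the includes required above), so their
	 * exact behaviour is not visible here.
	 *
	 * Rules followed below:
	 *   - request values are read once into locals and $_POST is never modified;
	 *   - escape() is applied exactly once, at the point where a value is placed into SQL;
	 *   - htmlspecialchars() is applied at the point where a value is written into HTML.
	 *
	 * NOTE(review): the form changes credentials but carries no anti-CSRF token field;
	 * confirm whether the includes enforce one some other way.
	 */

	// Array-valued parameters are treated as missing so they never reach string functions.
	$user_id        = (isset($_REQUEST['user_id']) && is_string($_REQUEST['user_id'])) ? $_REQUEST['user_id'] : '';
	$is_submitted   = !empty($_POST['is_submitted']);
	$email_in       = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
	$fullname_in    = (isset($_POST['fullname']) && is_string($_POST['fullname'])) ? $_POST['fullname'] : '';
	$password_in    = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
	$repassword_in  = (isset($_POST['repassword']) && is_string($_POST['repassword'])) ? $_POST['repassword'] : '';
	$redirect_in    = (isset($_POST['redirect']) && is_string($_POST['redirect'])) ? $_POST['redirect'] : '';

	// NOTE(review): $error_message is only initialised when nothing set it earlier; it is
	// echoed as raw HTML further down, so whatever may set it must not take it from the request.
	if (!isset($error_message)) {
		$error_message = '';
	}

	// The Referer header is optional; default to an empty target when it is absent.
	$redirect = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

	if ($is_submitted) {
		$error_message = '';
		// NOTE(review): the redirect target is client-controlled (Referer header on first load,
		// hidden form field on submit). Confirm that redirect() restricts it to this site.
		$redirect = $redirect_in;

		if ($email_in === '') {
			$error_message .= 'Не е въведен E-mail адрес<br/>';
		}
		// Validate the raw address. Loose comparison kept because the return type of
		// checkEmail() is not visible here.
		if (checkEmail($email_in) == 0) {
			$error_message .= "Невалиден E-mail адрес<br/>";
		}

		if ($password_in !== '') {
			if ($repassword_in === '') {
				$error_message .= 'Повторете паролата<br/>';
			}
			// Compare the two raw inputs with a strict operator: SQL-escaping only one side made
			// passwords containing quotes never match, and != treats numeric-looking strings
			// such as "1e3" and "1000" as equal.
			if ($password_in !== $repassword_in) {
				$error_message .= 'Въведените пароли не съвпадат<br/>';
			}
		}

		if (!$error_message) {
			// user_id comes from the request as well, so it is escaped like every other value.
			$user_id_sql = escape($user_id);
			$email_sql   = escape($email_in);

			// Reject the change when another account already uses this address.
			$sql = "SELECT
						user_id
					FROM
						users
					WHERE
						email = '" . $email_sql . "'
						AND user_id != '" . $user_id_sql . "'
					";
			$result = query($sql);
			if ($row = mysql_fetch_object($result)) {
				$error_message = 'Вече има потребител регистриран с този e-mail!';
			} else {
				$set_sql = "email = '" . $email_sql . "',
							 full_name = '" . escape($fullname_in) . "'";
				if ($password_in !== '') {
					// NOTE(review): unsalted MD5 is not a password-hashing function. The expression
					// is kept exactly as it was because the code that verifies h_password at login
					// is not visible here and must produce the same value; migrate both sides
					// together to password_hash()/password_verify().
					$set_sql .= ",
							 h_password = '" . md5(escape($password_in)) . "'";
				}

				$sql = "UPDATE users SET
							 " . $set_sql . "
						   WHERE
						   user_id = '" . $user_id_sql . "'
						   ";
				query($sql);
				redirect($redirect);
			}
		}
	}

	head_admin("Редактиране на потребителски профил");

	// Values shown in the form: the stored profile, overridden by what was just submitted
	// so the admin does not lose edits when validation fails.
	$sql = "SELECT
				email,
				full_name
			FROM
				users
			WHERE
				user_id = '" . escape($user_id) . "'
			";
	$result_use = query($sql);
	$row_use = mysql_fetch_object($result_use);

	// mysql_fetch_object() returns false when no row matches the given user_id.
	$email    = $row_use ? $row_use->email : '';
	$fullname = $row_use ? $row_use->full_name : '';
	if ($is_submitted) {
		$fullname = $fullname_in;
		$email    = $email_in;
	}

	// HTML-attribute-safe copies of everything that is echoed into the markup below.
	// assumes the page is served as UTF-8 — TODO confirm against head_admin()
	$action_html   = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
	$user_id_html  = htmlspecialchars($user_id, ENT_QUOTES, 'UTF-8');
	$redirect_html = htmlspecialchars($redirect, ENT_QUOTES, 'UTF-8');
	$email_html    = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
	$fullname_html = htmlspecialchars($fullname, ENT_QUOTES, 'UTF-8');
	?>

            <div class="topbuttons">
                <a href="users.php">Обратно</a>
            </div>

            <h3>Редактиране на потребителски профил</h3>
            <form action="<?=$action_html?>" method="post" enctype="multipart/form-data">
                <input type="hidden" name="is_submitted" value="1" />
                <input type="hidden" name="user_id" value="<?=$user_id_html?>" />
                <input type="hidden" name="redirect" value="<?=$redirect_html?>" />
                <dl class="clearfix">

                    <?php if ($error_message) { ?>
                    <div class="red" style="padding:10px;">
                        <?php /* After a submit this holds only the fixed messages built above, which contain <br/> on purpose. */ ?>
                        <?=$error_message?>
                    </div><br /><br />
                    <?php } ?>

                    <dt><label for="email" class="required">E-mail</label></dt>
                    <dd class="short"><input class="inputbox" name="email" type="text" value="<?=$email_html?>" ></dd>

                    <dt><label for="email" class="required">Име и фамилия</label></dt>
                    <dd class="short"><input class="inputbox" name="fullname" type="text" value="<?=$fullname_html?>" ></dd>

                    <?php /* Submitted passwords are never written back into the response; the fields are always rendered empty. */ ?>
                    <dt><label for="password" class="required">Нова парола</label></dt>
                    <dd class="short"><input class="inputbox" name="password" type="password" value="" ></dd>
                    <dt><label for="password" class="required">Повтори паролата</label></dt>
                    <dd class="short"><input class="inputbox" name="repassword" type="password" value="" ></dd>
                    <dd class="submit">
                    <input type="submit" name="submit" id="submit" value="Запиши">
                    </dd>

                </dl>
            </form>

<?php
	foot_admin();
?>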